Category: Security

“…it features an invisible fingerprint reader embedded in one of the Windows keys, allowing users to authenticate via the Windows Hello biometric security platform of the Windows 10 operating system.”

Microsoft has unveiled the world’s first keyboard to feature a fingerprint sensor embedded in a key, with biometric technology provided by Fingerprint Cards.

It’s called the Modern Keyboard, and it’s an otherwise normal-looking, if sleek, keyboard peripheral; in fact, as The Verge notes, its design appears identical to that of Microsoft’s previously released Surface Keyboard. But it features an invisible fingerprint reader embedded in one of the Windows keys, allowing users to authenticate via the Windows Hello biometric security platform of the Windows 10 operating system.

The sensor being used is the FPC1025, a Fingerprint Cards sensor model that has seen many smartphone integrations. For FPC, it’s another important step into the PC market, into which it is aiming for a dramatic expansion; the Modern Keyboard integration comes soon after another FPC sensor was integrated into a new convertible tablet notebook from Huawei.

It’s also another sign of the growing prominence of biometric authentication in PCs, a trend rising in the wake of a biometric revolution in mobile devices over the last few years.

Businesses including banks and financial services institutions must build public confidence in their ability to store and protect Australian citizens’ personal information, according to the latest Unisys Security Index.

The research found that 58 per cent of Australians are extremely or very concerned about unauthorised access to or misuse of personal information, while a further 55 per cent are extremely or very concerned about other people obtaining or using their credit/debit card details.

The Unisys Security Index is a global study that measures the attitudes of Australians on a wide range of issues related to national, personal, financial and Internet security, and showed that many consumers are still concerned over identity and financial theft.

“In an era where data breaches have become part of the daily news cycle, consumer confidence in the ability of organisations, including banks and retail businesses, to protect their personal and financial data has eroded away,” says John Kendall, director for national and border security programs, Unisys.

UK experience

Research indertaken by RFi Group based on the UK experience of open banking found almost 60 per cent of UK consumers agreed that their privacy was more important to them than accessing better products and services.

“Here the banks have an advantage; on any given Sunday a consumer trusts their bank to hold and maintain the privacy and security of their personal information better than any other organisation,” RFi Group managing director of consulting Alan Shields said.

Closer to home, RFi Group research found that Australian banks are the most trusted institutions in terms of data security and privacy regardless of age – with banks outranking technology and even government agencies when it came to trust and privacy issues.

Shields acknowledged that banks with foresight are already preparing to operate in an open banking environment, with open APIs.

“On the consumer front, if we solve privacy and security concerns, then account aggregation is clearly an attractive driver of consent among younger consumers and it is here that the banks must carefully choose their positioning,” he said.

Data breach

However, there are plenty of examples of companies getting it wrong and less than 12 months ago Australia recorded its largest ever data breach when the Red Cross Blood Service lost over half a million personal and medical files of Australian citizens.

“High-profile security breaches have rattled the Australian public and highlighted the vulnerabilities in business implemented technology. Security breaches don’t just impact an organisation’s ability to deliver services, the negative repercussions of a data breach can change the way customers think about or trust the business,” added Kendall.

Previous Unisys research from 2011 revealed 85 per cent of Australians said that they would stop dealing with an organisation if their data was compromised.

“Banks, retailers and governments wanting to move more of their transactions online can use innovative security measures, such as multi-factor identification or biometric technology, as a point of difference and position themselves as safe organisations to do business with and regain consumer trust,” concluded Kendall.

A wonderful thanks once again to Anand Sanwal and the team at CBInsights for great data.

CB Insights has been used data to identify over 80 private companies in cybersecurity that are using AI and categorized them into the nine main areas in which they operate. Two unicorn companies valued at over $1B are included in the map: the automated endpoint protection company Tanium and the predictive intelligence company Cylance.

Scroll down to see the market map and full table of companies included.

Category Breakdown

Anti Fraud & Identity Management: This is the most populated category within the cybersecurity AI market. Startups in this category mainly help secure online transactions by identifying fraudsters. For example, the company FeedZai utilizes machine learning algorithms to proactively detect fraud in financial transactions. Similarly, companies like Socure can detect fraudulent users on websites and in mobile applications also using machine-learning algorithms.

Mobile Security: Included in this category are startups such as Appthority, which provides a cloud-based platform that automatically identifies and grades risky behavior in mobile apps including known and unknown malware, new malware used in targeted attacks, corporate data ex-filtration, and intellectual property exposure. Similarly, Skycure’s predictive technology leverages massive crowd knowledge to proactively identify threats to secure mobile devices.

Predictive Intelligence: Companies such as the unicorn company Cylance aim to couple sophisticated math and machine learning with a unique understanding of a hacker’s mentality, and by doing so offer technology and services that are predictive and preventive against advanced cyber threats. Likewise, the company SentinelOne uses predictive execution modeling to detect and protect network devices against targeted, previously unknown threats in real time.

Behavioral Analytics / Anomaly Detection: Startups in this category include Darktrace which uses advanced mathematics and machine learning to detect anomalous behavior in organizations’ systems and networks in order detect cyber-attacks. Unlike software that puts locks on doors, Darktrace’s approach allows enterprises to protect their information and intellectual property from state sponsored, criminal groups or malicious employees who are already inside the network as well as from external attacks. Companies such as BehavioSec offer a behavioral biometric systems that creates digital fingerprints from an end-user’s behavior through monitored keystrokes, mouse behavior, and anomaly detection to ensure security of IT organizations, e-commerce, and more.

Automated Security: Startups in this category include unicorn company Tanium, which couples an application of AI known as natural language processing with endpoint protection on a massive scale. Tanium empowers security and IT operations teams to ask questions about the state of every endpoint across the enterprise in plain English, automatically retrieve data on their current and historical state, and execute change as necessary within seconds. Other companies include Demisto which offers systems that are designed to automate security tasks across 100+ security products and weave human analyst activities and workflows together.

Cyber-Risk Management: Companies in this category range from cyber-insurance oriented companies to those that are security policy and compliance focused. For example, Cyence empowers the insurance industry to understand the impact of cyber risk in the context of dollars and probabilities. Other companies include Cybersaint, which offers solutions for streamlining the cyber-risk compliance process. Slightly different, but still within the business of managing cyber risk is the company Wiretap, which helps secure enterprise social networks, as well as collaboration tools, by securing against intellectual property and confidential data leaks, insider threats, HR policy violations, compliance issues, and external sharing risks.

App Security: Companies in this category are focused on securing specific enterprise applications rather than entire networks. This includes both web-based and dev-ops oriented applications, and more. This category includes companies such as Authbase, which provides frameworks to help developers secure applications by finding, fixing, and monitoring web, mobile, and networks against current and future vulnerabilities; the company Cryptosense, whose software employs a unique mix of formal analysis and machine learning to find security flaws in cryptographic systems; and Cyber 20/20, which monitors network traffic for suspicious activity within applications and automatically submits them to a machine learning platform, where they are analyzed and shown to be malicious or not.

IoT Security: These startups include SparkCognition, which develops AI-powered asset-protection software for the safety, security, and reliability of the IoT. Bastille Networks utilizes machine learning algorithms to secure the IoT on corporate campuses by identifying airborne threats such as hidden recording devices or transmitters in a conference room, and allow for a preemptive response to data theft. CUJO is a smart firewall that protects a user’s connected home from criminal hackers by using a combination of cloud services, machine learning, and mobile apps to manage the network.

Deception Security: illusive networks provides solutions that combat Advanced Persistent Threats by proactively deceiving and disrupting in progress attacks. CyberFog (dba CyberSwarm) offers a deception tool that detects and fights cyber attacks by creating a neural network of thousands of fake computers, devices, and services that act like a fog and work under the supervision of machine learning algorithms.

Market Map

Click on the image below to enlarge. Categories are not mutually exclusive and companies may operate across multiple categories. This market map is not meant to be exhaustive of companies in the space. See the full list of companies below the category breakdown.

Many years ago my team and I introduced simple one-function page checkouts to one of our largest customers.

The UX/UI team for that customer complained because there were now 5 pages to complete in a transaction.

The marketing team for that customer complained because fancy UI-style accordians and carousels would not be implemented.

And the sales team complained because all of the upselling components were removed as well.

However, the one person that mattered in the customer group was the person who owned the revenue line and the outcome. He mattered.

But the person who mattered the most was the actual customer.

After perservering, we implemented. Sales quadrupled and Net Promoter Scores (NPS) increased significantly – in fact, just short of Apple’s NPS scores. And for our customer, this was the only positive NPS score in their whole organisation!

Great design matters. Especially when it comes to payments, and especially when it comes to fraud. If you can’t detect it properly because it’s buried in marketing and misdirection, then you capture it and stop it.

Here is a great read on more reasons to consider form design in payments and forms in general.